Senior Manager, Privileged Identity & Access Controls

The Opportunity

Company : CGL

Department : 0

Employment Type : Regular Full-Time

Work Model : Hybrid

Language : This role operates in English.

Additional Information : This / these role(s) is / are currently vacant

We are a leading Canadian financial services co‑operative committed to being a catalyst for a sustainable and resilient society and our team is essential to deliver on this strategy. That’s why we prioritize our people, to ensure we provide a strong culture and development opportunities which enables our team to thrive and to live our purpose. The best part is that you will work with people that care passionately about you, our clients and our communities.

Our Information Technology team aspires to be a leader in applying technology to power business strategies. We connect concepts with solutions to create value and efficiencies for our clients, employees, and communities. Our success is driven by our skilled and diverse team who are passionate about excellence, innovation, and agility.

This role reports to the AVP, Identity & Access Management and ensures a consistent, governed, and risk‑based approach to managing both privileged access and broader access management capabilities across the enterprise. The position safeguards the integrity of our access environment by defining, governing, and overseeing how privileged identities, elevated entitlements, and general access controls—including Single Sign-On (SSO) and Multi‑Factor Authentication (MFA)—are managed across technology platforms.

The Senior Manager is accountable for the design, governance, implementation, and operation of enterprise privileged access capabilities, as well as the development and centralization of access management services. This includes securing administrative accounts, service and application identities, secrets, elevated entitlements, and building unified SSO and MFA solutions across on‑premises, cloud, and application environments.

The incumbent will collaborate with Technology, Security, Risk, and Audit stakeholders to build mature PAM and Access Management services aligned with organizational standards, policies, and IAM priorities. This role provides domain leadership for both privileged and general access capabilities, ensuring services are delivered securely, reliably, and at scale.

The successful candidate will lead initiatives to reduce fragmentation, improve standardization, and drive adoption of centralized PAM and Access Management technologies and practices, supporting the evolution toward a unified, enterprise‑wide identity and access management model.

How You Will Create Impact

• Leverage deep expertise in Privileged Access Management (PAM), access security, and technical leadership to build, lead, and scale a high‑performing engineering team.
• Balance strategic direction with execution discipline to deliver secure, compliant, and user‑centric privileged access solutions.
• Own the Access Security and Privileged Identity program—including PAM, Single Sign‑On (SSO), and Multi‑Factor Authentication (MFA)—from strategy through implementation and ongoing operations.
• Define and maintain a program roadmap aligned to enterprise IAM strategy, technology standards, and risk appetite.
• Provide technical leadership and oversight for the design, integration, and operation of PAM, SSO, and MFA capabilities across on‑premises, cloud, and application environments.
• Lead efforts to consolidate and modernize fragmented PAM / SSO / MFA tools and processes into standardized, resilient, centrally managed access security services.
• Identify and manage technical risks, service gaps, and technical debt within the Access Security domain.
• Collaborate with Architecture, Security and Technology teams to ensure alignment with enterprise security and technology standards.
• Partner with Infrastructure, Cloud, Application, and business teams to support risk‑based access decisions and secure operational outcomes.
• Provide expert input into enterprise risk, audit, and regulatory activities related to access security.
• Lead and develop technical staff responsible for delivering and operating privileged access and authentication controls.
• Manage vendor relationships and incorporate product roadmaps into planning and delivery.
• Oversee the architecture, design, and implementation of PAM solutions using enterprise‑grade technologies (e.g., Delinea, CyberArk, and other modern PAM platforms).
• Ensure alignment with Zero Trust principles and regulatory frameworks (e.g., OSFI, SOC, NIST).
• Provide technical guidance for integration with identity providers (Entra ID, Okta), SIEM / SOAR, ITSM, DevOps, and cloud platforms.
• Drive operational excellence in PAM lifecycle management, privileged session monitoring, credential vaulting, and access governance.
• Lead design and integration of Secrets Management solutions (e.g., HashiCorp Vault) to secure non‑human identities, service accounts, and application credentials.
• Oversee implementation and governance of Public Key Infrastructure (PKI) for certificate lifecycle management and integration with authentication and PAM systems.
• Lead incident response and remediation activities related to privileged access threats or audit findings.

How You Will Succeed

To Join Our Team

What You Need To Know

What’s in it for you?

Expected salary range : $114,021 - $164,000+

The salary amount for the successful candidate is determined by Co-operators in its discretion and will vary depending on several criteria including but not limited to : local market conditions, geography and relevant job‑related factors such as knowledge, skills, qualification, experience and education.

Employees may also have the opportunity to participate in incentive programs and earn additional compensation tied to individual and / or business performance, or other business metrics.

#J-18808-Ljbffr